Survey of Uncertainty Handling in Cloud Service Discovery and Composition

With the spread of services related to cloud environment, it is tiresome and time consuming for users to look for the appropriate service that meet with their needs. Therefore, finding a valid and reliable service is essential. However, in case a single cloud service cannot fulfil every user requirements, a composition of cloud services is needed. In addition, the need to treat uncertainty in cloud service discovery and composition induces a lot of concerns in order to minimize the risk. Risk includes some sort of either loss or damage which is possible to be received by a target (i.e., the environment, cloud providers or customers). In this paper, we will focus on the uncertainty application for cloud service discovery and composition. A set of existing approaches in literature are reviewed and categorized according to the risk modeling.

💡 Research Summary

The paper addresses the growing challenge of locating and assembling cloud services that satisfy user requirements in an environment where the number of available services is rapidly expanding. When a single service cannot meet all functional, performance, or quality‑of‑service (QoS) demands, users must compose multiple services into a workflow. This composition process introduces significant uncertainty, which in turn creates risk for providers, customers, and the broader ecosystem. The authors focus on how uncertainty has been modeled and mitigated in the contexts of cloud service discovery and composition, reviewing a broad set of scholarly contributions published between 2010 and 2022.

First, the authors categorize sources of uncertainty into internal factors (e.g., variability in a provider’s performance, SLA violations, hardware failures) and external factors (e.g., market fluctuations, regulatory changes, sudden shifts in user demand). They argue that these uncertainties translate into concrete risks such as financial loss, service downtime, and erosion of trust. To quantify and reason about these risks, the literature employs four principal modeling families: (1) probabilistic approaches (e.g., Gaussian, Poisson, or Bayesian inference applied to measurable QoS metrics), (2) fuzzy‑logic techniques (which convert linguistic assessments like “high latency” into fuzzy numbers), (3) Bayesian networks (capturing conditional dependencies among multiple risk variables), and (4) Markov Decision Processes (MDPs) and reinforcement‑learning methods (optimizing service selection policies under stochastic state transitions).

Probabilistic models excel when abundant historical logs are available, offering precise predictions of response time, availability, or throughput. However, they suffer from over‑confidence when data are sparse or non‑stationary. Fuzzy‑logic approaches mitigate data scarcity by embedding expert judgment, allowing the system to operate with imprecise inputs. Bayesian networks provide a structured way to model complex inter‑dependencies (e.g., how a provider’s security posture influences latency and cost) and support incremental updating as new observations arrive. MDPs and reinforcement learning, while powerful for dynamic decision making, are computationally intensive; the state‑action space can explode in realistic multi‑service compositions, limiting real‑time applicability.

The surveyed works are mapped onto a two‑dimensional taxonomy: (a) the origin of uncertainty (internal vs. external) and (b) the mitigation strategy (prediction vs. mitigation). Prediction‑oriented studies typically analyze historical performance logs to forecast future QoS, or they construct scenario‑based simulations to anticipate market or regulatory impacts. Mitigation‑oriented studies design compensation mechanisms for SLA breaches, employ redundancy (replication and load balancing), or formulate composite trust scores that aggregate individual service reliabilities. Notably, composition‑specific research introduces “composite reliability models” that multiply the reliabilities of constituent services, and “chained fuzzy inference” that propagates fuzzy QoS constraints through the workflow, yielding a holistic confidence measure for the entire service chain.

The authors identify several gaps in the current state of the art. Data availability remains a bottleneck; many models assume rich, high‑quality datasets that are rarely present in practice. Complex models such as Bayesian networks and MDPs demand substantial computational resources, hindering their deployment in fast‑changing cloud environments. Moreover, most evaluations are performed in simulated testbeds rather than in production‑grade clouds, raising questions about external validity.

To advance the field, the paper proposes four research directions: (1) develop lightweight probabilistic graphical models and online learning algorithms that can update risk assessments on the fly; (2) integrate blockchain‑based immutable SLA records and smart‑contract‑driven compensation to increase transparency and trust; (3) design unified frameworks that handle multi‑cloud and hybrid‑cloud compositions, explicitly modeling cross‑provider interaction risks; and (4) conduct large‑scale field trials in collaboration with cloud providers to validate theoretical models under real workloads.

In conclusion, effective uncertainty handling in cloud service discovery and composition requires a hybrid approach that blends probabilistic, fuzzy, Bayesian, and decision‑theoretic techniques, balancing predictive analytics with proactive mitigation. Such an integrated risk‑aware framework can improve user satisfaction, reduce exposure for providers, and foster a more resilient cloud ecosystem.